Trac

Trac is an open source SCM (Source Code Management) and project management tool. This page documents some oddities I came across when configuring it. If I were to be more accurate I suppose the oddities are more conceptual gaps, since, like so many open source projects, the documentation is lacking (though as my co-worker Mike pointed out, I can always improve their docs if I feel the need. Problem is I couldn't - they were closed due to spam!).

Creating new users

User access (login) is not controlled from within Trac, but rather via whichever web serving mechanism Trac is configured to use. At the time of writing these are tracd, CGI, or mod_python (see Configuring Authentication from the Trac Installation Guide.)

I am only familiar with the mod_python approach, described in the Trac and mod_python section of Trac's installation guide. Users are controlled via a .htaccess file, so a new user is added to Trac by adding a new user to the .htaccess file. Unfortunately their guide fails to describe how to do this, but I've described it here: Edit the Apache .htpasswd authentication file.

Login/out oddity

If you are using apache authentication (e.g. if you installed Trac with mod_python) then Trac's login link will point at an apache login form. Once authenticated, your session will remain until the browser is closed. This means you are logged in regardless of whether the Trac link says login or logout.

The symptoms are as follows: You click login, log in as someuser, then click the logout link. Trac says you're logged out (though as we'll see you aren't really). Click login again and you'll be automatically logged in as someuser. The only way you can log in as a different user is to close your browser so the session is destroyed. This is because apache authentication is controlling login, not Trac.

trac-admin permission oddity

The trac-admin command allows you to grant users permissions for different tasks. If you ask it to list the permissions assigned to a user that does not exist - with trac-admin [/path/to/trac] permission list [username] - you'll see the default permissions but no indication that the user doesn't exist. This is probably because a) Trac doesn't really have users because access is controlled via whatever web serving mechanism it's using (see above) and b) Trac assigns the permissions of the "anonymous" user to every user who hasn't had their permissions explicitely changed.

Here's an example of what you get when you query the permissions of a user that doesn't exist.

devbox source # trac-admin /var/lib/trac/source permission list nonexistantuser

User             Action         
--------------------------------
BROWSER_VIEW     nonexistantuser
CHANGESET_VIEW   nonexistantuser
FILE_VIEW        nonexistantuser
LOG_VIEW         nonexistantuser
MILESTONE_VIEW   nonexistantuser
REPORT_SQL_VIEW  nonexistantuser
REPORT_VIEW      nonexistantuser
ROADMAP_VIEW     nonexistantuser
SEARCH_VIEW      nonexistantuser
TICKET_APPEND    nonexistantuser
TICKET_CHGPROP   nonexistantuser
TICKET_CREATE    nonexistantuser
TICKET_MODIFY    nonexistantuser
TICKET_VIEW      nonexistantuser
TIMELINE_VIEW    nonexistantuser
WIKI_CREATE      nonexistantuser
WIKI_MODIFY      nonexistantuser
WIKI_VIEW        nonexistantuser


Available actions:
 BROWSER_VIEW, CHANGESET_VIEW, CONFIG_VIEW, FILE_VIEW, LOG_VIEW,
 MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE, MILESTONE_MODIFY,
 MILESTONE_VIEW, REPORT_ADMIN, REPORT_CREATE, REPORT_DELETE, REPORT_MODIFY,
 REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN, ROADMAP_VIEW, SEARCH_VIEW,
 TICKET_ADMIN, TICKET_APPEND, TICKET_CHGPROP, TICKET_CREATE, TICKET_MODIFY,
 TICKET_VIEW, TIMELINE_VIEW, TRAC_ADMIN, WIKI_ADMIN, WIKI_CREATE,
 WIKI_DELETE, WIKI_MODIFY, WIKI_VIEW

Last modified: 17/04/2006 (most likely earlier as a site migration in 2006 reset some dates) Tags: (none)

This website is a personal resource. Nothing here is guaranteed correct or complete, so use at your own risk and try not to delete the Internet. -Stephan

Site Info

Privacy policy

Go to top